From ff4556a308cadb5625f26fdfa2cff290baf7ff01 Mon Sep 17 00:00:00 2001
From: Kyren223 <kyren223@proton.me>
Date: Sun, 3 Aug 2025 23:33:11 +0300
Subject: [PATCH] Hardening

---
 nixosModules/eko.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/nixosModules/eko.nix b/nixosModules/eko.nix
index 9993752..0010dda 100644
--- a/nixosModules/eko.nix
+++ b/nixosModules/eko.nix
@@ -29,9 +29,9 @@
     users.users.grafana.extraGroups = [ "eko" ];
     systemd.services.grafana = {
       serviceConfig = {
-        ProtectHome = lib.mkForce false;
-        ProtectSystem = lib.mkForce false;
-        PrivateTmp = lib.mkForce false;
+        ProtectHome = lib.mkForce true;
+        ProtectSystem = lib.mkForce true;
+        PrivateTmp = lib.mkForce true;
         ReadWritePaths = [ config.services.eko.dataDir ];
       };
     };